CVE-2025-39910 – A Linux kernel memory allocation vulnerability ... (How to Fix)

Q: What is the severity of CVE-2025-39910?

CVE-2025-39910 has a CVSS score of 5.5 (MEDIUM). A Linux kernel memory allocation vulnerability where kasan_populate_vmalloc() ignores the caller's gfp_mask flags, potentially causing deadlocks when vmalloc is called with GFP_NOFS or GFP_NOIO flags. This affects Linux systems using XFS filesystem or other components that use these allocation flags. The vulnerability could lead to system instability or denial of service.

📋 TL;DR

A Linux kernel memory allocation vulnerability where kasan_populate_vmalloc() ignores the caller's gfp_mask flags, potentially causing deadlocks when vmalloc is called with GFP_NOFS or GFP_NOIO flags. This affects Linux systems using XFS filesystem or other components that use these allocation flags. The vulnerability could lead to system instability or denial of service.

💻 Affected Systems

Products:

Linux Kernel

Versions: Specific affected versions not specified in CVE, but patches exist for stable kernel trees.

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Requires use of vmalloc with GFP_NOFS or GFP_NOIO flags, commonly used by XFS filesystem.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

System deadlock requiring hard reboot, causing extended downtime and potential data corruption.

🟠

Likely Case

System hangs or crashes under specific memory allocation patterns, leading to service disruption.

🟢

If Mitigated

Minor performance impact or no noticeable effect if not using affected allocation patterns.

🌐 Internet-Facing: LOW - Requires local access or specific kernel-level operations.

🏢 Internal Only: MEDIUM - Could affect system stability for internal services using XFS or similar filesystems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: NO

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploitation requires specific memory allocation patterns and kernel-level access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (commits 33b95d90427cb4babf32059e323a6d0c027610fe and 79357cd06d41d0f5a11b17d7c86176e395d10ef2)

Vendor Advisory: https://git.kernel.org/stable/c/33b95d90427cb4babf32059e323a6d0c027610fe

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version. 2. Check distribution-specific security advisories. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Avoid XFS filesystem

linux

Use alternative filesystems that don't trigger the vulnerable code path

Limit vmalloc usage

linux

Configure system to minimize vmalloc allocations with GFP_NOFS/NOIO flags

🧯 If You Can't Patch

Monitor system logs for memory allocation failures or deadlock indicators
Implement system redundancy and failover mechanisms to minimize downtime impact

🔍 How to Verify

Check if Vulnerable:

Check kernel version and verify if patches are applied. Vulnerable if using unpatched kernel with XFS or similar.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the specific patch commits or is from a distribution that has backported the fix.

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
System hang/crash events
Memory allocation failure logs

Network Indicators:

Service unavailability alerts

SIEM Query:

source="kernel" AND ("deadlock" OR "vmalloc" OR "GFP_NOFS" OR "GFP_NOIO")

📊 Metadata

CVE ID: CVE-2025-39910

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-667

EPSS Score: 0.02% exploit probability (4.5th percentile)

Published: October 1, 2025

Last Updated: January 14, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-39910, you might also want to check these: